A vulnerability classified as problematic was found in NamelessMC Nameless 2.2.4 . The affected element is an unknown function of the file /index.php?route=/queries/user/ . Such manipulation of the argument ID leads to cross site scripting. This vulnerability is traded as CVE-2026-32250 . The attack may be launched remotely. There is no exploit available.